Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/78e7e0-7b9d-4d80-b107-cb9b1acf3a6c/1/yKeMVUkVBWHs-FVIi44uX9QDAqo.roa
File:                     yKeMVUkVBWHs-FVIi44uX9QDAqo.roa (raw, json)
Hash identifier:          hWItf32q6xJko2SZ35Jlr3bKU4AbyymXOpAukoJA/sU=
Subject key identifier:   C8:A7:8C:55:49:15:05:61:EC:F8:55:48:8B:8E:2E:5F:D4:03:02:AA
Certificate issuer:       /CN=2ad7b6f0f6518d82e12b9bdc376602b23b612994
Certificate serial:       01856EF433297E8091C1F3D0D46D6D1E0F2B
Authority key identifier: 2A:D7:B6:F0:F6:51:8D:82:E1:2B:9B:DC:37:66:02:B2:3B:61:29:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kte28PZRjYLhK5vcN2YCsjthKZQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/78e7e0-7b9d-4d80-b107-cb9b1acf3a6c/1/yKeMVUkVBWHs-FVIi44uX9QDAqo.roa
Signing time:             Sun 01 Jan 2023 20:09:35 +0000
ROA not before:           Sun 01 Jan 2023 20:09:35 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60458
IP address blocks:        185.37.231.0/24 maxlen: 24
                          185.37.229.0/24 maxlen: 24
                          185.37.230.0/24 maxlen: 24
                          185.37.228.0/24 maxlen: 24
                          185.37.228.0/23 maxlen: 23
                          185.226.152.0/22 maxlen: 24
                          185.100.72.0/22 maxlen: 22
                          185.226.154.0/24 maxlen: 24
                          185.162.168.0/23 maxlen: 23
                          185.162.171.0/24 maxlen: 24
                          185.162.170.0/24 maxlen: 24
                          45.131.80.0/22 maxlen: 22
                          195.8.49.0/24 maxlen: 24
                          195.8.48.0/24 maxlen: 24
                          45.146.188.0/22 maxlen: 22
                          185.156.216.0/24 maxlen: 24
                          185.156.219.0/24 maxlen: 24
                          185.156.217.0/24 maxlen: 24
                          185.156.218.0/24 maxlen: 24
                          185.167.24.0/24 maxlen: 24
                          185.167.27.0/24 maxlen: 24
                          185.167.25.0/24 maxlen: 24
                          185.167.26.0/24 maxlen: 24
                          195.8.119.0/24 maxlen: 24
                          45.151.192.0/22 maxlen: 22
                          185.125.78.0/24 maxlen: 24
                          185.125.76.0/22 maxlen: 22
                          185.125.76.0/24 maxlen: 24
                          185.125.77.0/24 maxlen: 24
                          91.199.102.0/24 maxlen: 24
                          91.199.108.0/24 maxlen: 24
                          185.125.79.0/24 maxlen: 24
                          91.199.123.0/24 maxlen: 24
                          45.143.148.0/22 maxlen: 22
                          185.202.145.0/24 maxlen: 24
                          185.202.144.0/24 maxlen: 24
                          185.202.147.0/24 maxlen: 24
                          185.202.146.0/24 maxlen: 24
                          91.199.90.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:f4:33:29:7e:80:91:c1:f3:d0:d4:6d:6d:1e:0f:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ad7b6f0f6518d82e12b9bdc376602b23b612994
        Validity
            Not Before: Jan  1 20:09:35 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c8a78c5549150561ecf855488b8e2e5fd40302aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:8b:20:20:6c:a7:a4:aa:54:16:54:6d:df:02:
                    19:e6:44:db:8d:b9:3f:b8:7d:79:70:30:a3:34:a7:
                    1f:d0:8f:70:30:8c:84:72:7c:d3:d1:0b:5f:1e:39:
                    50:03:63:e8:1e:52:4e:d6:10:44:0f:f9:81:77:a9:
                    8e:22:cc:1b:be:3c:1d:bd:19:f7:6e:3e:b1:26:5a:
                    ca:c9:b1:75:58:62:99:ee:ee:05:67:ba:cc:86:62:
                    2e:d7:a4:38:8c:4c:0c:24:f7:f9:aa:df:89:79:a0:
                    a3:de:fd:7e:ac:95:18:73:70:ad:a2:a1:5d:78:e8:
                    0a:fe:30:e1:9c:5b:db:d0:0c:25:98:bf:17:51:e3:
                    6f:7d:bb:dd:2d:f7:9f:18:9b:cb:d5:6b:4c:02:2c:
                    9f:a0:b7:56:c3:40:71:1d:a3:6c:a2:41:fe:e6:08:
                    76:ea:25:92:d9:04:3f:88:12:5a:a6:45:e4:2c:37:
                    5a:a3:e3:56:60:da:4e:21:9f:62:14:9f:fc:6e:e0:
                    ff:4c:45:62:36:83:6a:3d:f7:02:f6:3a:d2:97:3a:
                    0a:c2:1a:2b:07:5f:6d:db:3e:fe:08:61:2d:be:6d:
                    35:bf:44:20:90:1f:68:57:1d:7d:6a:d6:ba:20:6a:
                    3d:14:55:fc:20:80:62:9d:71:f9:8b:99:f9:ec:dc:
                    19:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:A7:8C:55:49:15:05:61:EC:F8:55:48:8B:8E:2E:5F:D4:03:02:AA
            X509v3 Authority Key Identifier:
                keyid:2A:D7:B6:F0:F6:51:8D:82:E1:2B:9B:DC:37:66:02:B2:3B:61:29:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kte28PZRjYLhK5vcN2YCsjthKZQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/78e7e0-7b9d-4d80-b107-cb9b1acf3a6c/1/yKeMVUkVBWHs-FVIi44uX9QDAqo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/78e7e0-7b9d-4d80-b107-cb9b1acf3a6c/1/Kte28PZRjYLhK5vcN2YCsjthKZQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.131.80.0/22
                  45.143.148.0/22
                  45.146.188.0/22
                  45.151.192.0/22
                  91.199.90.0/24
                  91.199.102.0/24
                  91.199.108.0/24
                  91.199.123.0/24
                  185.37.228.0/22
                  185.100.72.0/22
                  185.125.76.0/22
                  185.156.216.0/22
                  185.162.168.0/22
                  185.167.24.0/22
                  185.202.144.0/22
                  185.226.152.0/22
                  195.8.48.0/23
                  195.8.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:42:7b:fd:a3:be:b3:ef:66:ca:c1:ac:d6:4e:56:12:21:5f:
         c0:14:b5:de:1d:5d:dd:51:2f:08:06:48:86:6a:d9:90:28:a8:
         c7:cf:b0:e4:9d:21:82:42:94:bc:73:1b:c6:78:c6:80:86:7b:
         a3:8c:74:86:d8:94:95:9a:f4:c6:d7:6c:ed:a2:ef:f5:3b:97:
         70:af:da:17:0a:7f:d0:ad:23:f8:4d:20:ff:94:79:a6:9c:e1:
         c2:51:80:d3:2b:59:09:68:34:2e:50:e6:95:57:56:10:3d:3d:
         96:82:bf:57:96:31:7e:21:0c:f3:64:52:e4:fa:a8:b9:1a:62:
         98:f1:c9:20:6d:44:6a:02:5f:74:87:56:2e:f2:a6:9e:53:40:
         3c:95:a1:84:56:6e:88:af:8e:b6:33:19:aa:ee:ea:1b:7f:59:
         a3:c4:bc:69:c4:27:01:41:8b:1d:1e:83:5d:a3:ee:e4:25:7b:
         d2:06:62:b3:ed:a2:d3:5b:5e:a0:db:0d:95:0f:76:0b:45:ff:
         81:5c:99:50:b5:51:da:d4:ca:63:e9:04:41:bf:9a:04:2c:97:
         b3:ab:0b:51:c9:06:ed:e9:e0:cf:30:34:1d:79:64:d0:b7:67:
         2e:23:b3:28:4d:97:02:79:39:58:f1:fe:7a:47:50:02:1e:85:
         2e:20:aa:c7
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYVu9DMpfoCRwfPQ1G1tHg8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDdiNmYwZjY1MThkODJlMTJiOWJkYzM3NjYwMmIyM2I2
MTI5OTQwHhcNMjMwMTAxMjAwOTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGE3OGM1NTQ5MTUwNTYxZWNmODU1NDg4YjhlMmU1ZmQ0MDMwMmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvosgIGynpKpUFlRt3wIZ5kTbjbk/
uH15cDCjNKcf0I9wMIyEcnzT0QtfHjlQA2PoHlJO1hBED/mBd6mOIswbvjwdvRn3
bj6xJlrKybF1WGKZ7u4FZ7rMhmIu16Q4jEwMJPf5qt+JeaCj3v1+rJUYc3CtoqFd
eOgK/jDhnFvb0AwlmL8XUeNvfbvdLfefGJvL1WtMAiyfoLdWw0BxHaNsokH+5gh2
6iWS2QQ/iBJapkXkLDdao+NWYNpOIZ9iFJ/8buD/TEViNoNqPfcC9jrSlzoKwhor
B19t2z7+CGEtvm01v0QgkB9oVx19ata6IGo9FFX8IIBinXH5i5n57NwZdQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFMinjFVJFQVh7PhVSIuOLl/UAwKqMB8GA1UdIwQY
MBaAFCrXtvD2UY2C4Sub3DdmArI7YSmUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RlMjhQWlJqWUxoSzV2Y04yWUNzanRoS1pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni83OGU3ZTAtN2I5ZC00ZDgwLWIxMDct
Y2I5YjFhY2YzYTZjLzEveUtlTVZVa1ZCV0hzLUZWSWk0NHVYOVFEQXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni83OGU3ZTAtN2I5ZC00ZDgwLWIxMDctY2I5YjFhY2YzYTZj
LzEvS3RlMjhQWlJqWUxoSzV2Y04yWUNzanRoS1pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAi2DUAME
Ai2PlAMEAi2SvAMEAi2XwAMEAFvHWgMEAFvHZgMEAFvHbAMEAFvHewMEArkl5AME
ArlkSAMEArl9TAMEArmc2AMEArmiqAMEArmnGAMEArnKkAMEArnimAMEAcMIMAME
AMMIdzANBgkqhkiG9w0BAQsFAAOCAQEAjUJ7/aO+s+9mysGs1k5WEiFfwBS13h1d
3VEvCAZIhmrZkCiox8+w5J0hgkKUvHMbxnjGgIZ7o4x0htiUlZr0xtds7aLv9TuX
cK/aFwp/0K0j+E0g/5R5ppzhwlGA0ytZCWg0LlDmlVdWED09loK/V5YxfiEM82RS
5PqouRpimPHJIG1EagJfdIdWLvKmnlNAPJWhhFZuiK+OtjMZqu7qG39Zo8S8acQn
AUGLHR6DXaPu5CV70gZis+2i01teoNsNlQ92C0X/gVyZULVR2tTKY+kEQb+aBCyX
s6sLUckG7engzzA0HXlk0LdnLiOzKE2XAnk5WPH+ekdQAh6FLiCqxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:26 2024 by rpki-client on console-ams.rpki-client.org